Discuss mailing list

[Jeff Taylor <shdwdrgn AT sourpuss.net>]

I also love the idea of rootless domains.  The idea of a decentralized
authority sounds like a great way to go, but the implementation could be
tricky...

The way I see it, you wouldn't necessarily need a web-of-trust model,
although it might be more reliable.  Alternatively, you could work from
an age model -- don't allow a new party to register or modify a domain
if there is an older owner found.  (Ownership would likely have to be
provided by some sort of SSL key?)

As for permanently lost domains, I would imagine you could get around
that by requiring each domain to update their DNS record, or perhaps
resign their SSL key once a year, and if it expires, the domain is
removed and open for registration again.  This model would also mean
that if some company let their domain lapse, their only recourse for
regaining it would be to pay off whoever snagged it.

For storing the records, it wouldn't really be that much different that
what we have now -- using standard zone files -- there would just be a
lot more of them, or there could be a single large file containing the
pointers to all the domains.

I guess the biggest trick for a decentralized authority would be getting
an initial query to confirm with multiple sources before accepting an
answer, and I'm not really sure how to do that without rewriting the
current DNS query methods.  It would probably be easier to continue our
setup with multiple T2 servers that we consider reliable, and perhaps
work on a model where the client DNS servers are occasionally updated.

On 05/25/2013 10:13 PM, Guillaume Parent wrote:
> I liked the idea, but I don't like the pricing. To me, it defeats the
> point of OpenNIC entirely.
>